THL UTA-2026-014 keyosbuff C2-Leak Repository Reference in HTTP URI (Operator OPSEC Artifact)
Sourcehunters-ledger
Filehunters-ledger.rules
CreatedMay 26, 2026
UpdatedJuly 13, 2026
Classificationtrojan-activity
alert http $HOME_NET any -> any any (msg:"THL UTA-2026-014 keyosbuff C2-Leak Repository Reference in HTTP URI (Operator OPSEC Artifact)"; flow:established,to_server ; http.uri; content:"keyosbuff"; nocase; classtype:trojan-activity; sid:3500078; rev:2; metadata:author The_Hunters_Ledger, date 2026-05-26, reference https://the-hunters-ledger.com/hunting-detections/rovodev-mirai-matrix-c2-87.106.143.220-detections/ ;)
Metadata
authorThe_Hunters_Ledger
date2026-05-26
referencehttps://the-hunters-ledger.com/hunting-detections/rovodev-mirai-matrix-c2-87.106.143.220-detections/
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!